PRIVACY POLICY

Last Updated: December 2025

At stephaniezikmann.com, I’m committed to protecting your privacy and personal data. This
Privacy Policy explains how I collect, use, store, and protect your information when you visit my website and blog at stephaniezikmann.com.

I comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Your privacy matters to me, and I’m transparent about how I handle your data.

1. Who Am I
Data Controller: Stephanie Zikmann
Website: stephaniezikmann.com
Contact: For any data protection queries, please contact me through this website.

2. What Information I Collect

2.1 Information You Provide Directly

Contact Forms: When you submit a contact form, I collect your name, email address, and any information you choose to include in your message.

Blog Comments: When you comment on my blog posts, I collect your name, email address, website URL (if provided), and the content of your comment.

Newsletter Signups: If you subscribe to my newsletter, I collect your email address and name (if provided).

2.2 Information Collected Automatically

Cookies & Similar Technologies: I use cookies and similar tracking technologies to enhance your browsing experience. See my Cookie Policy (Section 8) for full details.

Analytics Data: I collect information about how you use my website, including:

– Pages visited and time spent on pages
– Referring websites and search terms
– Device type, browser type, and operating system
– IP address (anonymised where possible)
– Geographic location (country/city level only)

Log Files: My web server automatically collects standard log file information, including IP addresses, browser types, and access times.

2.3 Information from Third Parties

Social Media Plugins: If you interact with social media buttons or plugins on my site (Facebook,
Instagram, LinkedIn), those platforms may collect information about your visit.

Affiliate Networks: When you click on affiliate links, affiliate networks may collect information
about your click and any subsequent purchases.

3. How I Use Your Information
I use your personal data for the following purposes:

3.1 Essential Website Functions

– To respond to your enquiries submitted through contact forms
– To display and manage your blog comments
– To deliver newsletters you’ve subscribed to
– To maintain website security and prevent fraud

3.2 Website Improvement

– To analyse website traffic and user behaviour
– To improve our content and user experience
– To understand which topics resonate with our audience

3.3 Marketing Communications

– To send you newsletters and educational content (only if you’ve subscribed)
– To inform you about relevant courses, resources, or updates

3.4 Legal Compliance

– To comply with legal obligations
– To enforce my Terms & Conditions
– To protect my rights and the rights of others

Legal Basis: I process your data based on:

– Consent: When you subscribe to newsletters or submit forms
– Legitimate Interests: For analytics, website improvement, and security
– Legal Obligation: When required by law

4. How I Store Your Information

4.1 Data Storage Location

Your data is stored on secure servers. Some data may be transferred to and stored in countries outside the UK and European Economic Area (EEA). When this occurs, I ensure appropriate safeguards are in place to protect your data in accordance with UK GDPR requirements.

4.2 Data Security Measures

I implement appropriate technical and organisational measures to protect your personal data, including:

– Secure Socket Layer (SSL) encryption for data transmission
– Password-protected and restricted access to systems
– Regular security assessments and updates
– Secure backup procedures

Whilst I take reasonable precautions to protect your data, no method of transmission over the internet is 100% secure. I cannot guarantee absolute security.

5. Data Retention Periods

I retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy:

Contact Form Submissions: 2 years from submission, unless ongoing correspondence requires longer retention

Blog Comments: Indefinitely, unless you request deletion or the comment violates our policies

Newsletter Subscriptions: Until you unsubscribe, plus 30 days to process your request

Analytics Data: Anonymised analytics data is retained for up to 26 months

Log Files: 90 days

After these periods, I will securely delete or anonymise your data unless I’m legally required to retain it longer.

6. Third-Party Services

I use trusted third-party services to operate my website and provide you with a better experience.

These services may collect and process your data on my behalf:

6.1 Analytics Services

Google Analytics: I use Google Analytics to understand how visitors use my site. Google Analytics collects information anonymously and reports website trends. You can opt out using the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout).

6.2 Email Marketing Platforms

I use email marketing platforms to manage newsletter subscriptions and send communications.

These platforms process your email address and engagement data (opens, clicks) in accordance
with their privacy policies.

6.3 Social Media Plugins

My site includes social media sharing buttons and plugins (What’s App, Facebook, Instagram,
LinkedIn). These platforms may collect information about your visit, even if you don’t click the buttons. Please review their privacy policies for details.

6.4 Affiliate Networks

I participate in affiliate programmes. When you click affiliate links, affiliate networks may track
your clicks and purchases using cookies. I receive commission reports that may include aggregated data but not your personal information.

6.5 Hosting & Content Delivery
My website is hosted by third-party providers who may process your data (IP addresses, log files) to deliver website content and maintain security.

Third-Party Responsibility: These third parties have their own privacy policies and are responsible for their data practices. I carefully select partners who meet high data protection standards.

7. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

7.1 Right of Access
You can request a copy of the personal data I hold about you.

7.2 Right to Rectification
You can request that we correct inaccurate or incomplete data.

7.3 Right to Erasure (Right to be Forgotten)
You can request that I delete your personal data in certain circumstances.

7.4 Right to Restrict Processing
You can request that I limit how I use your data in certain situations.

7.5 Right to Data Portability
You can request a copy of your data in a structured, commonly used format.

7.6 Right to Object
You can object to processing based on legitimate interests or for direct marketing purposes.

7.7 Right to Withdraw Consent
Where processing is based on consent, you can withdraw it at any time.

7.8 Right to Lodge a Complaint
You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the
UK’s data protection authority:
– Website: ico.org.uk
– Helpline: 0303 123 1113

Exercising Your Rights: To exercise any of these rights, please contact me through my website. I will respond within one month of receiving your request.

8. Cookies & Tracking Technologies

8.1 What Are Cookies?

Cookies are small text files placed on your device when you visit websites. They help websites remember your preferences and understand how you use the site.

8.2 Types of Cookies I Use

Strictly Necessary Cookies: Essential for website functionality (e.g., security, session management). These cannot be disabled.

Analytics Cookies: Help me understand how visitors use my site (e.g., Google Analytics). These collect anonymised data about page views, traffic sources, and user behaviour.

Functionality Cookies: Remember your preferences and settings to enhance your experience.

Marketing Cookies: Track your activity across websites to deliver relevant advertising and measure campaign effectiveness. Used by affiliate networks and advertising platforms.

8.3 Managing Cookies
You can control and delete cookies through your browser settings. Please note that disabling certain cookies may affect website functionality.

Browser Controls:

– Chrome: Settings > Privacy and Security > Cookies
– Firefox: Options > Privacy & Security > Cookies
– Safari: Preferences > Privacy > Cookies
– Edge: Settings > Privacy > Cookies

Opt-Out Tools:

– Google Analytics: https://tools.google.com/dlpage/gaoptout
– Network Advertising Initiative: http://optout.networkadvertising.org/

9. Newsletter & Marketing Communications

9.1 Subscription

When you subscribe to my newsletter, I’ll send you educational content, industry insights, and occasional updates about my books, courses and other relevant resources.

9.2 Unsubscribe

You can unsubscribe at any time by:
– Clicking the “unsubscribe” link in any email
– Contacting me directly through my website

I’ll process your unsubscribe request within 48 hours.

9.3 Frequency

I respect your inbox. I typically send newsletters weekly or fortnightly, and I’ll never spam you or share your email address with third parties for their marketing purposes.

10. Children’s Privacy

My blog is not directed at children under 16. I do not knowingly collect personal data from children. If you believe I’ve inadvertently collected data from a child, please contact me immediately, and I’ll delete it.

11. External Links

My blog contains links to external websites. This Privacy Policy applies only to my website. I’m not responsible for the privacy practices of third party sites. Please review their privacy policies before providing personal information.

12. Changes to This Privacy Policy

I may update this Privacy Policy periodically to reflect changes in my practices, technology, legal requirements, or other factors. Changes will be effective immediately upon posting with an updated “Last Updated” date.

I encourage you to review this Privacy Policy regularly to stay informed about how I protect your data.

Significant Changes: If I make significant changes that affect your rights, I’ll notify you by email (if you’re subscribed) or through a prominent notice on my website.

13. International Data Transfers
Some of my third-party service providers are based outside the UK and EEA. When I transfer your
data internationally, I ensure appropriate safeguards are in place, such as:

– Standard Contractual Clauses approved by the UK authorities
– Adequacy decisions recognising equivalent data protection standards
– Other legally approved transfer mechanisms

14. Automated Decision-Making
I do not use automated decision-making or profiling that produces legal effects or significantly affects you.

15. Data Breach Notification
In the unlikely event of a data breach that poses a risk to your rights and freedoms, I’ll notify you and the ICO within 72 hours, as required by UK GDPR.

16. Contact Me
If you have any questions, concerns, or requests regarding this Privacy Policy or how I handle your personal data, please contact me through our website at stephaniezikmann.com.

I take your privacy seriously and will respond to all enquiries promptly.

By using my website and blog, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and processing of your personal data as described.

Thank you for trusting Stephanie Zikmann with your personal information. I’m committed to maintaining that trust through transparent, responsible data practices.